If your medical records were shared unlawfully, you might be wondering if you can make a claim for compensation. In this article, we will address what a personal data breach is, as well as what personal data could be exposed if your medical records are shared.
We will then look into compensation and how settlements are awarded in personal data breach claims. To do so, we will examine figures taken from the Judicial College Guidelines (JCG). This document helps legal professionals calculate the value of compensation claims.
Finally, we will discuss how our advisors and our panel of solicitors can help you start your claim today. Our team can provide free legal advice and a free consultation of your claim. If they find your claim to be valid, they may put you in contact with a solicitor from our panel. To learn more, you can:
Select A Section
- What Is A Medical Records Data Breach?
- Are Medical Records Data Breaches Serious?
- What Could Cause Your Medical Records To Be Shared?
- How To Claim If Your Medical Records Were Shared
- What Could You Claim If Your Medical Records Were Shared?
- No Win No Fee Agreements For Medical Data Breach Claims
The Information Commissioner’s Office (ICO) is an independent watchdog that upholds the two main pieces of data protection legislation for the UK, the Data Protection Act 2018 (DPA) law and the UK General Data Protection Regulation (UK GDPR).
According to this legislation, a personal data breach occurs as a result of a security incident that compromises the integrity, availability, or confidentiality of your personal data. This is information that could identify you. For example, your name, email address, or postcode.
However, if your medical records are shared unlawfully, your case must meet certain criteria in order to claim. This includes:
- Suffering harm as a result of the breach
- The breach occurring due to the wrongful conduct of the organisation
- Your personal data being involved in the breach
To find out if you could be eligible to claim, or to learn more about personal data breach claims, contact our team of advisors today.
Data that refers to your health falls into a subcategory of personal data known as special category data. This includes your medical records. Special category data requires extra protection according to data protection legislation due to the sensitive nature of the information.
A personal data breach can have a detrimental effect on your mental health as well as your finances. For example, following a breach, you may experience anxiety, depression, or post-traumatic stress disorder (PTSD).
Pharmacies and private healthcare providers may store your debit or credit card information. Should a breach compromise these details, criminals could steal money from your account or damage your credit score.
How Long Do I Have To Claim?
Generally, you have six years to begin a personal data breach claim. However, if you are claiming against a public body, such as the NHS, this falls to one year.
Contact our advisors for free legal advice surrounding your claim.
One way in which your medical records could be shared unlawfully is through human error. For example, an employee may fail to redact personal data from medical records before sharing them. Or, an email containing your medical records could be sent to the wrong email address.
Organisations that store or process personal data must ensure that they have adequate security systems in place. This includes both physical security and cybersecurity. For example, if an administrative office does not have proper physical security measures, computers or documents that contain medical records could be stolen.
If organisations do not employ adequate cybersecurity policies, this could lead to cybercriminals using viruses such as ransomware to hack into networks and steal your medical records. However, to claim for a breach under these circumstances, you must be able to prove that the breach occurred as a result of the organisation’s failures.
To learn more about how your medical records could be shared unlawfully, contact our advisors today.
Firstly, you can contact the organisation directly and ask for more information. They may be able to tell you what information was included, how, and why. If a breach could affect your freedoms or rights, the organisation responsible must alert the ICO within 72 hours. Alongside this, they must inform you without undue delay.
However, if they do not provide a satisfactory response, you can then make a complaint to the ICO. The ICO cannot provide compensation, but they may choose to investigate the breach. Any correspondence with the ICO can also be used as evidence to help strengthen your claim.
Finally, you may wish to seek out legal representation. For more information on how a solicitor from our panel could help you or to learn more about how to deal with a data breach, get in touch today.
Material and non-material damage are the two heads of claim you can pursue under a personal data breach claim.
Under non-material damage, you can claim compensation for psychological harm. This covers illnesses such as emotional distress, anxiety, and depression. However, under material damage, you can claim compensation for the financial impacts of the breach. For example, damage to your credit score.
Below, you can find a mental health compensation calculator table. This table illustrates figures taken from the JCG, a document that helps solicitors value claims. The JCG provides guideline compensation brackets for a variety of illnesses and injuries. However, the table below contains figures that only relate to non-material damage amounts.
|Injury And Severity
|£54,830 to £115,730
|(a) Severe: The person will have experienced marked problems with various areas of their life and will have a very poor prognosis.
|£19,070 to £54,830
|(b) Moderately Severe: Similar issues as in the case above. However, the prognosis is more optimistic.
|£5,860 to £19,070
|(c) Moderate: A good prognosis with improvement to various aspects of their life.
|£1,540 to £5,860
|(d) Less Severe: Consideration is given to the length of symptoms, and the effect on activities such as sleep.
|£59,860 to £100,670
|(a) Severe: All aspects of the persons life are badly effected, leaving no prospect of employability and no function at the pre-trauma level.
|£23,150 to £59,860
|(b) Moderately Severe: The person shows some recovery with help from a professional. As such, the prognosis is better.
|£8,180 to £23,150
|(c) Moderate: A significant recovery will have been made.
|£3,950 to £8,180
|(d) Less Severe: A mostly full recovery within a couple of years.
The Vidal-Hall and others v Google Inc  – Court of Appeal case allows claimants to claim for non-material damage with or without claiming for material damage. Previously, you had to claim for both at the same time in order to receive non-material damage.
The figures above are guideline amounts only. Our advisors can provide a free estimate of what your claim could be worth when you get in touch today.
Our panel of solicitors offer expert legal representation under Conditional Fee Agreements (CFAs). With this type of No Win No Fee arrangement, you get legal representation for your claim with no ongoing or upfront fees or costs.
If your claim is successful, then your solicitor is paid through a success fee. This fee is a percentage of your compensation, but there is a legal cap. Before your claim starts, your solicitor will make you aware of this percentage. However, if your claim does not succeed, then you will not pay this fee.
To find out how a solicitor from our panel could help you, contact our advisors today by:
Learn More About Breaches Of Medical Data
For more helpful resources:
Or, to read more informative guides:
- How to make a probation officer data breach claim
- Joint bank account data breach claims
- How to make a stolen phone data breach claim
Contact our advisors today if your medical records are shared unlawfully to find out what steps you can take.
Article by NA